Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b5c9d473-5d56-39c7-969f-b250d603699f.roa
File:                     b5c9d473-5d56-39c7-969f-b250d603699f.roa (raw, json)
Hash identifier:          6RiaAqf7SXJmE6eI+hAsxsa/q+ZSGfRfUR1uiAaVkZw=
Subject key identifier:   E2:E5:CB:B2:48:6C:AF:84:AC:5C:68:E3:8F:33:CE:CE:3A:2B:75:31
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584514802B043C14F71AC7C42B80
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b5c9d473-5d56-39c7-969f-b250d603699f.roa
Signing time:             Sun 03 Mar 2024 02:00:27 +0000
ROA not before:           Sun 03 Mar 2024 02:00:27 +0000
ROA not after:            Sat 01 Jun 2024 01:00:27 +0000
asID:                     136787
IP address blocks:        172.252.164.0/24 maxlen: 24
                          172.252.60.0/24 maxlen: 24
                          136.0.6.0/24 maxlen: 24
                          136.0.5.0/24 maxlen: 24
                          136.0.7.0/24 maxlen: 24
                          45.38.185.0/24 maxlen: 24
                          45.38.152.0/24 maxlen: 24
                          50.117.45.0/24 maxlen: 24
                          45.39.170.0/24 maxlen: 24
                          104.253.135.0/24 maxlen: 24
                          104.164.4.0/24 maxlen: 24
                          104.253.56.0/24 maxlen: 24
                          104.164.2.0/24 maxlen: 24
                          104.252.215.0/24 maxlen: 24
                          104.252.185.0/24 maxlen: 24
                          23.27.188.0/24 maxlen: 24
                          104.165.161.0/24 maxlen: 24
                          104.165.69.0/24 maxlen: 24
                          104.164.204.0/24 maxlen: 24
                          104.164.193.0/24 maxlen: 24
                          104.164.16.0/24 maxlen: 24
                          104.164.12.0/24 maxlen: 24
                          23.230.213.0/24 maxlen: 24
                          23.230.183.0/24 maxlen: 24
                          23.230.217.0/24 maxlen: 24
                          142.252.137.0/24 maxlen: 24
                          142.252.119.0/24 maxlen: 24
                          142.252.28.0/24 maxlen: 24
                          142.252.22.0/24 maxlen: 24
                          23.27.24.0/24 maxlen: 24
                          142.252.54.0/24 maxlen: 24
                          142.252.30.0/24 maxlen: 24
                          23.27.130.0/24 maxlen: 24
                          142.111.219.0/24 maxlen: 24
                          23.27.115.0/24 maxlen: 24
                          142.111.218.0/24 maxlen: 24
                          23.27.182.0/24 maxlen: 24
                          142.252.11.0/24 maxlen: 24
                          23.27.175.0/24 maxlen: 24
                          142.252.9.0/24 maxlen: 24
                          23.27.231.0/24 maxlen: 24
                          23.230.182.0/24 maxlen: 24
                          23.230.0.0/24 maxlen: 24
                          136.0.14.0/24 maxlen: 24
                          136.0.13.0/24 maxlen: 24
                          23.230.27.0/24 maxlen: 24
                          142.111.129.0/24 maxlen: 24
                          23.230.19.0/24 maxlen: 24
                          136.0.15.0/24 maxlen: 24
                          23.230.111.0/24 maxlen: 24
                          23.230.70.0/24 maxlen: 24
                          23.230.145.0/24 maxlen: 24
                          136.0.12.0/24 maxlen: 24
                          23.230.144.0/24 maxlen: 24
                          136.0.10.0/24 maxlen: 24
                          23.27.164.0/24 maxlen: 24
                          136.0.4.0/24 maxlen: 24
                          172.252.24.0/24 maxlen: 24
                          107.187.107.0/24 maxlen: 24
                          107.187.95.0/24 maxlen: 24
                          107.187.72.0/24 maxlen: 24
                          166.88.173.0/24 maxlen: 24
                          107.187.57.0/24 maxlen: 24
                          107.186.92.0/24 maxlen: 24
                          172.121.105.0/24 maxlen: 24
                          107.165.223.0/24 maxlen: 24
                          166.88.253.0/24 maxlen: 24
                          107.164.171.0/24 maxlen: 24
                          192.177.99.0/24 maxlen: 24
                          107.164.94.0/24 maxlen: 24
                          172.252.176.0/24 maxlen: 24
                          107.164.54.0/24 maxlen: 24
                          192.177.143.0/24 maxlen: 24
                          107.164.46.0/24 maxlen: 24
                          192.177.132.0/24 maxlen: 24
                          107.164.37.0/24 maxlen: 24
                          192.177.146.0/24 maxlen: 24
                          104.253.149.0/24 maxlen: 24
                          192.177.145.0/24 maxlen: 24
                          104.165.180.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:14:80:2b:04:3c:14:f7:1a:c7:c4:2b:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  3 02:00:27 2024 GMT
            Not After : Jun  1 01:00:27 2024 GMT
        Subject: CN=a1b3ddb7-694f-479b-bdf1-99c990a08207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a3:69:ce:3a:b3:0c:10:58:7e:02:91:d6:93:
                    ad:b0:3c:3b:7c:ce:2b:80:6b:ee:2f:e8:af:3a:bb:
                    5d:9d:e8:23:a9:d5:5b:59:b0:cb:43:2d:73:17:ea:
                    5a:28:e1:66:ec:cd:0c:9f:2e:2a:1e:59:c9:61:22:
                    c2:f8:eb:f3:b5:ef:0f:88:ac:9b:25:2a:ab:64:a0:
                    a2:df:ae:2f:fe:7c:f2:49:8a:5a:c0:1d:5f:91:51:
                    7e:67:8b:2d:15:a4:b9:4e:db:ad:4d:ee:5d:c7:89:
                    42:19:33:a8:cb:d4:0a:83:12:6d:b0:19:38:e6:47:
                    11:b9:b5:24:4c:82:d2:ef:47:d0:22:63:04:29:12:
                    3e:a9:20:8a:30:81:7c:3b:ce:55:f3:ad:c4:a4:95:
                    8d:b4:7d:42:60:7b:bf:f5:ba:1a:19:5a:73:c2:f7:
                    6d:3b:60:89:ce:72:1a:d5:c2:fc:50:d8:68:da:52:
                    11:76:db:df:1c:93:ee:11:fa:fb:21:80:f6:8e:4e:
                    6e:ac:04:a7:27:29:4a:42:4b:e4:37:f2:a9:01:0e:
                    e0:ca:85:3a:85:0b:b4:84:a3:c2:81:12:3a:8d:c9:
                    9e:ca:e9:4c:37:3f:b6:67:14:bf:20:7a:1b:f1:2b:
                    b7:fc:ef:fb:a0:3d:fd:d6:67:44:73:6f:33:14:91:
                    ae:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E5:CB:B2:48:6C:AF:84:AC:5C:68:E3:8F:33:CE:CE:3A:2B:75:31
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b5c9d473-5d56-39c7-969f-b250d603699f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.24.0/24
                  23.27.115.0/24
                  23.27.130.0/24
                  23.27.164.0/24
                  23.27.175.0/24
                  23.27.182.0/24
                  23.27.188.0/24
                  23.27.231.0/24
                  23.230.0.0/24
                  23.230.19.0/24
                  23.230.27.0/24
                  23.230.70.0/24
                  23.230.111.0/24
                  23.230.144.0/23
                  23.230.182.0/23
                  23.230.213.0/24
                  23.230.217.0/24
                  45.38.152.0/24
                  45.38.185.0/24
                  45.39.170.0/24
                  50.117.45.0/24
                  104.164.2.0/24
                  104.164.4.0/24
                  104.164.12.0/24
                  104.164.16.0/24
                  104.164.193.0/24
                  104.164.204.0/24
                  104.165.69.0/24
                  104.165.161.0/24
                  104.165.180.0/24
                  104.252.185.0/24
                  104.252.215.0/24
                  104.253.56.0/24
                  104.253.135.0/24
                  104.253.149.0/24
                  107.164.37.0/24
                  107.164.46.0/24
                  107.164.54.0/24
                  107.164.94.0/24
                  107.164.171.0/24
                  107.165.223.0/24
                  107.186.92.0/24
                  107.187.57.0/24
                  107.187.72.0/24
                  107.187.95.0/24
                  107.187.107.0/24
                  136.0.4.0/22
                  136.0.10.0/24
                  136.0.12.0/22
                  142.111.129.0/24
                  142.111.218.0/23
                  142.252.9.0/24
                  142.252.11.0/24
                  142.252.22.0/24
                  142.252.28.0/24
                  142.252.30.0/24
                  142.252.54.0/24
                  142.252.119.0/24
                  142.252.137.0/24
                  166.88.173.0/24
                  166.88.253.0/24
                  172.121.105.0/24
                  172.252.24.0/24
                  172.252.60.0/24
                  172.252.164.0/24
                  172.252.176.0/24
                  192.177.99.0/24
                  192.177.132.0/24
                  192.177.143.0/24
                  192.177.145.0-192.177.146.255

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         83:72:18:42:27:94:dd:15:fb:2b:95:7e:13:a8:e0:42:2c:e7:
         17:5b:b0:9f:2f:bf:2b:fd:79:59:86:26:93:78:40:a7:1c:20:
         e6:42:85:91:f0:66:60:88:65:98:7f:f2:d7:9c:5f:77:f7:0c:
         a6:7e:5b:42:5b:98:4c:81:07:c2:29:58:07:c0:a9:0f:b5:03:
         55:f0:33:03:58:18:16:9a:ec:aa:f9:70:a7:4f:e1:d4:f5:0f:
         29:67:12:f6:f3:bd:1d:8b:a0:ad:db:18:9a:af:d1:da:1c:ea:
         70:73:97:39:73:c9:f4:0b:04:91:a2:f4:41:dc:b7:e0:32:76:
         9c:0a:db:b3:2b:14:ce:87:ce:37:2e:c3:9b:81:cc:09:8f:67:
         61:89:35:4b:fc:00:57:28:46:2f:cb:a2:30:e0:71:74:9b:fb:
         9e:5b:b1:3a:b5:3c:73:49:6c:c6:5a:8f:54:71:05:3c:8a:ce:
         df:21:10:c8:11:e2:36:40:6e:2a:86:9b:2d:82:7a:94:a4:99:
         73:c5:2d:62:dc:cc:da:3b:7f:29:5e:ee:ef:53:d8:f2:13:ea:
         8d:4c:66:fc:1e:9b:ae:37:4f:97:b2:c0:0e:92:52:d2:de:f8:
         e4:72:48:b2:86:12:bc:67:54:ab:66:6a:85:83:f5:63:4c:20:
         2b:87:4b:6c
-----BEGIN CERTIFICATE-----
MIIH8zCCBtugAwIBAgIUAQ0Mn0MoWEUUgCsEPBT3GsfEK4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwMzAyMDAyN1oXDTI0MDYwMTAxMDAyN1owLzEtMCsGA1UEAxMk
YTFiM2RkYjctNjk0Zi00NzliLWJkZjEtOTljOTkwYTA4MjA3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6NpzjqzDBBYfgKR1pOtsDw7fM4rgGvuL+iv
OrtdnegjqdVbWbDLQy1zF+paKOFm7M0Mny4qHlnJYSLC+Ovzte8PiKybJSqrZKCi
364v/nzySYpawB1fkVF+Z4stFaS5TtutTe5dx4lCGTOoy9QKgxJtsBk45kcRubUk
TILS70fQImMEKRI+qSCKMIF8O85V863EpJWNtH1CYHu/9boaGVpzwvdtO2CJznIa
1cL8UNho2lIRdtvfHJPuEfr7IYD2jk5urASnJylKQkvkN/KpAQ7gyoU6hQu0hKPC
gRI6jcmeyulMNz+2ZxS/IHob8Su3/O/7oD391mdEc28zFJGuHQIDAQABo4IFBTCC
BQEwHQYDVR0OBBYEFOLly7JIbK+ErFxo448zzs46K3UxMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvYjVjOWQ0NzMtNWQ1Ni0z
OWM3LTk2OWYtYjI1MGQ2MDM2OTlmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBzQYIKwYBBQUHAQcBAf8EggG8MIIBuDCCAbQEAgABMIIB
rAMEABcbGAMEABcbcwMEABcbggMEABcbpAMEABcbrwMEABcbtgMEABcbvAMEABcb
5wMEABfmAAMEABfmEwMEABfmGwMEABfmRgMEABfmbwMEARfmkAMEARfmtgMEABfm
1QMEABfm2QMEAC0mmAMEAC0muQMEAC0nqgMEADJ1LQMEAGikAgMEAGikBAMEAGik
DAMEAGikEAMEAGikwQMEAGikzAMEAGilRQMEAGiloQMEAGiltAMEAGj8uQMEAGj8
1wMEAGj9OAMEAGj9hwMEAGj9lQMEAGukJQMEAGukLgMEAGukNgMEAGukXgMEAGuk
qwMEAGul3wMEAGu6XAMEAGu7OQMEAGu7SAMEAGu7XwMEAGu7awMEAogABAMEAIgA
CgMEAogADAMEAI5vgQMEAY5v2gMEAI78CQMEAI78CwMEAI78FgMEAI78HAMEAI78
HgMEAI78NgMEAI78dwMEAI78iQMEAKZYrQMEAKZY/QMEAKx5aQMEAKz8GAMEAKz8
PAMEAKz8pAMEAKz8sAMEAMCxYwMEAMCxhAMEAMCxjzAMAwQAwLGRAwQAwLGSMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAINyGEInlN0V+yuVfhOo4EIs5xdbsJ8vvyv9eVmGJpN4QKccIOZChZHw
ZmCIZZh/8tecX3f3DKZ+W0JbmEyBB8IpWAfAqQ+1A1XwMwNYGBaa7Kr5cKdP4dT1
DylnEvbzvR2LoK3bGJqv0doc6nBzlzlzyfQLBJGi9EHct+AydpwK27MrFM6Hzjcu
w5uBzAmPZ2GJNUv8AFcoRi/LojDgcXSb+55bsTq1PHNJbMZaj1RxBTyKzt8hEMgR
4jZAbiqGmy2CepSkmXPFLWLczNo7fyle7u9T2PIT6o1MZvwem643T5eywA6SUtLe
+ORySLKGErxnVKtmaoWD9WNMICuHS2w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:30 2024 by rpki-client on console-fra.rpki-client.org